package com.isczy.serurity.security;

import com.isczy.utils.DataResult;
import com.isczy.utils.ResponseUtil;
import org.springframework.security.access.AccessDeniedException;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.web.AuthenticationEntryPoint;
import org.springframework.security.web.access.AccessDeniedHandler;

import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;

/**
 * <p>
 * 对匿名用户无权限的处理
 * </p>
 *
 */
public class Unauthorized implements AuthenticationEntryPoint {

    @Override
    public void commence(HttpServletRequest request, HttpServletResponse response,AuthenticationException authException) throws IOException, ServletException {
        ResponseUtil.out(response, DataResult.builder().message("无权访问").errorBuild());
    }
}
/**
 * <p>
 * 对已认证用户无权限的处理
 * </p>
 *
 */
class UnauthorizedAccessDeniedHandler implements AccessDeniedHandler{

    @Override
    public void handle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, AccessDeniedException e) throws IOException, ServletException {
        ResponseUtil.out(httpServletResponse, DataResult.builder().message("无权访问").errorBuild());
    }
}
